Decidedly deleting data

A survey of secure deletion of data held “in the cloud” has been undertaken by Minyao Hua, Yinyuan Zhao, and Tao Jiang of the School of Cyber Engineering at Xidian University in Xi’an, Shaanxi, China. The team reports details in the International Journal of Embedded Systems.

Cloud computing utilizing third-party computer systems, servers, processors, data storage equipment to allow uses to offload the resources they would otherwise require on their premises on to remote systems. There are many different levels of cloud service, some are free or freemium or paid and aimed at individual consumers all the way up to the demands of the corporate and enterprise level. Security and privacy of the data any user stores in the cloud is critical to their ongoing success and sustainability. Breaches occur.

There is a secondary, but just as important issue in that when a user deletes the data they have stored in the cloud, they need to be assured that the data is securely deleted and can no longer be retrieved either by the cloud service provider or malicious parties that might illicitly access those services. The team’s survey compares private and public cloud services and reports on the deletion security of the various services available.

In conclusion, the team recognises that there are problems facing users and have recognized two obvious, fundamental deletion methods that are used to purportedly ensure deletion security for users. The first is the extreme, physical destruction of storage media. The second usually involves software deletion that encrypts the data irretrievably if the key is discarded or lost. There is inevitably a trade-off between efficiency and security. The next challenge will be to ensure deleted data cannot be recovered by future quantum computing technology.

Hua, M., Zhao, Y. and Jiang, T. (2020) ‘Secure data deletion in cloud storage: a survey’, Int. J. Embedded Systems, Vol. 12, No. 2, pp.253–265.